Re: Mainframe ransomware solution

Fri, 08 Oct 2021 04:44:44 -0700

There is big difference between stolen money from tent on the camping and stolen money from bank safe, which was not closed because someone did not do his duty. 
The safe can be locked, but the tent cannot be effectively secured.

--
Radoslaw Skorupka
Lodz, Poland




W dniu 08.10.2021 o 01:18, Charles Mills pisze:

The one I am privately aware of I did not work on and is four years (?) in the 
past. It was a US government system.

There are varying versions of the Logica story. The one I read in the police 
report and accept as factual involved the exploitation of a flaw in a Web 
browser running on z/OS UNIX. They used that to utterly take over the machine, 
issuing multiple userids and making them SPECIAL and so forth. They installed 
their own login server to make things easier for themselves. I would call that 
a mainframe breach.

I think a focus on "was it a real hack" is a mistake. If your senior systems programmer writes his 
password on the back of his business card and accidentally leaves it in a bar, that is not a "real 
hack" but your data is just as much at risk as if it were. The focus should be on vulnerabilities (in 
that case, lack of MFA and lack of user education) not "was it a real hack?"

If your teenaged son dropped his housekey in your driveway and someone used it to come in 
and steal your TV, would you say "that was not a real burglary"?

At best you can't say mainframe hacks have never happened, you can only say you 
don't know of any. There is a well-known tendency for shops not to discuss. 
(Nor for that matter can one assert unequivocally that they have; only that 
there are none that are well-documented.)

Charles


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Logica isn’t actually a hack. And of course the phantom one you’re working on.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Reply via email to